Configuring Logical Networking in VMM Overview

With Virtual Machine Manager (VMM), you can easily connect virtual machines to a network that serves a particular function in your environment, for example, the “Backend,” “Frontend,” or “Backup” network. To do this, you associate IP subnets and, if needed, virtual local area networks (VLANs) together into named units called logical networks. You can design your logical networks to fit your environment. Logical networks are an enhancement that was introduced in System Center 2012.

The procedures that this overview links to include examples that help demonstrate the concepts. For a summary of the networking examples, see the “Networking” section of the table in Preparing the Fabric Scenario in VMM. The examples are not meant to be prescriptive guidance for a lab setup. You should adapt the examples to your test environment.

Logical networks, as described in this topic, work together with the network enhancements that are described in these other overview topics:

Configuring Ports and Switches for VM Networks in VMM (for System Center 2012 SP1 and System Center 2012 R2): Port profiles and logical switches act as containers for the properties or capabilities that you want your network adapters to have. Rather than configuring each network adapter with these properties or capabilities, you specify the capabilities in port profiles and logical switches, which you can then apply to the appropriate adapters.

Configuring VM Networks and Gateways in VMM (for System Center 2012 SP1 and System Center 2012 R2): By configuring virtual machine networks (VM networks) on top of your logical networks, you can make use of network virtualization or other network configuration options. Gateways can increase possibilities for connectivity.

A logical network, together with one or more associated network sites, is a user-defined named grouping of IP subnets, VLANs, or IP subnet/VLAN pairs that is used to organize and simplify network assignments. Some possible examples include “BACKEND,” “FRONTEND,” “LAB,” “MANAGEMENT,” and “BACKUP.” Because logical networks represent an abstraction of the underlying physical network infrastructure, they enable you to model the network based on business needs and connectivity properties.

After you have created a logical network, you can use it to specify the network on which to deploy a host or a virtual machine (stand-alone or part of a service). Users can assign logical networks as part of virtual machine and service creation without having to understand the network details.

You can use logical networks to describe networks with different purposes, to create traffic isolation, and to provision networks for different types of service-level agreements (SLAs). For example, for a tiered application, you can group IP subnets and VLANs that are used for the front-end web tier as the FRONTEND logical network. You can group IP subnets and VLANs that are used for backend servers (such as application and database servers) as BACKEND. When self-service users model the tiered application as a service, they can easily pick the logical network that virtual machines in each tier of the service should connect to.

At least one logical network must exist for you to deploy virtual machines and services. By default, when you add a Hyper-V host to VMM management, VMM automatically creates logical networks that match the first DNS suffix label of the connection-specific DNS suffix on each host network adapter. For more information, see Assigning logical networks to hosts in this topic.

When you create a logical network, you can do the following:

Create associated network sites, typically for each physical location. For each network site, you can associate IP subnets and VLANs.

Note

Network sites are sometimes referred to as logical network definitions, for example, in the VMM command shell.

Create IP address pools to enable VMM to automatically assign static IP addresses. You can create the pools from an IP subnet that you have associated with the network site.

Network sites and static IP address pools are more fully described in the following sections.

Network sites

When you create a logical network, you can create one or more associated network sites. A network site associates one or more subnets, VLANs, and subnet/VLAN pairs with a logical network. It also enables you to define the host groups to which the network site is available. For example, if you have a Seattle host group and a New York host group, and you want to make the BACKEND logical network available to each, you can create two network sites for the BACKEND logical network. You can scope one network site to the Seattle host group (and any desired child host groups), and you can scope the other network site to the New York host group (and any desired child host groups), adding the appropriate subnets and VLANs for each location. For illustrations showing how a network site is part of a logical network, see Configuring Logical Networking in VMM Illustrated Overview. For information about how to create a network site, see How to Create a Logical Network in VMM.

The following table shows an example of the BACKEND logical network, which is made up of subnets and VLANs from both Seattle and New York.

- Scoped to the New York host group- Associated subnet and VLAN: 172.16.0.0/24 VLAN 12

Before you create network sites, review the following guidelines.

If you are running System Center 2012 SP1 or System Center 2012 R2, and your network configuration will include VM networks that use network virtualization, create at least one network site and associate at least one IP subnet with the site. You can also assign a VLAN to the network site, as appropriate. Creating a network site with an IP subnet makes it possible to create an IP address pool for the logical network, which is necessary for network virtualization.

If your network configuration will not include VM networks that use network virtualization, use the other guidelines in this list, which are the same for System Center 2012, System Center 2012 SP1, and System Center 2012 R2.

If you plan to use a load balancer that is managed by VMM to load-balance a service tier, create at least one network site and associate at least one IP subnet with the network site.

If you want to create static IP address pools that VMM manages, create at least one network site and associate at least one IP subnet with the network site.

If you want to use Dynamic Host Configuration Protocol (DHCP) that is already available on the network to assign IP addresses to virtual devices in a specified VLAN, create network sites with only VLANs assigned to them.

If you want to use DHCP that is already available on the network, and you are not using VLANs, you do not have to create any network sites.

Static IP address pools

This section describes static IP address pools in general, and then provides information about whether to create them. Also, for System Center 2012 SP1 and System Center 2012 R2, it explains whether to create IP address pools for a logical network only or also for VM networks that are configured on that logical network. (In System Center 2012, the only type of network is a logical network and therefore when an IP address pool is created, it is always created for a logical network.)

If you associate one or more IP subnets with a network site, you can create static IP address pools from those subnets. Static IP address pools make it possible for VMM to automatically allocate static IP addresses to Windows-based virtual machines that are running on any managed Hyper-V, VMware ESX or Citrix XenServer host. VMM can automatically assign static IP addresses from the pool to stand-alone virtual machines, to virtual machines that are deployed as part of a service, and to physical computers when you use VMM to deploy them as Hyper-V hosts. Additionally, when you create a static IP address pool, you can define a reserved range of IP addresses that can be assigned to load balancers as virtual IP (VIP) addresses. VMM automatically assigns a virtual IP address to a load balancer during the deployment of a load-balanced service tier.

When you create a static IP address pool, you can configure associated information, such as default gateways, Domain Name System (DNS) servers, DNS suffixes, and Windows Internet Name Service (WINS) servers. All of these settings are optional.

IP address pools support both IPv4 and IPv6 addresses. However, you cannot mix IPv4 and IPv6 addresses in the same IP address pool.

As of System Center 2012 R2, after a virtual machine has been deployed in VMM, you can view the IP address or addresses assigned to that virtual machine. To do this, right-click the listing for the virtual machine, click Properties, click the Hardware Configuration tab, click the network adapter, and in the results pane, click the Connection details button.

Guideline for creating IP address pools with System Center 2012

With VMM in System Center 2012, configuring static IP address pools is optional. You can also assign addresses automatically through DHCP if it is available on the network. If you use DHCP, you do not have to create IP address pools.

Important

If you configure a virtual machine to obtain its IP address from a static IP address pool, you must also configure the virtual machine to use a static media access control (MAC) address. You can either specify the MAC address manually (during the Configure Settings step) or have VMM automatically assign a MAC address from the MAC address pool.

When a static IP address is assigned, VMM must determine the MAC address before the virtual machine starts. VMM uses the MAC address to identify which network adapter to set the static IP address to. This is especially important if there is more than one network adapter on the virtual machine. If the MAC address is assigned dynamically through Hyper-V, VMM cannot identify which network adapter to set the static IP address to if there is more than one network adapter.

Guidelines for creating IP address pools with System Center 2012 SP1 or System Center 2012 R2

With VMM in System Center 2012 SP1 or System Center 2012 R2, use the following guidelines to decide whether to create IP address pools and, if so, whether to create them for a logical network only or also for VM networks that are configured on that logical network. The process of creating an IP address pool for a VM network is similar to the process of creating an IP address pool for a logical network.

Important

If you configure a virtual machine to obtain its IP address from a static IP address pool, you must also configure the virtual machine to use a static MAC address. You can either specify the MAC address manually (during the Configure Settings step) or have VMM automatically assign a MAC address from the MAC address pool.

When a static IP address is assigned, VMM must determine the MAC address before the virtual machine starts. VMM uses the MAC address to identify which network adapter to set the static IP address to. This is especially important if there is more than one network adapter on the virtual machine. If the MAC address is assigned dynamically through Hyper-V, VMM cannot identify which network adapter to set the static IP address to if there is more than one network adapter.

The following list provides guidelines for creating IP address pools, based on the type of network configuration you are using. For descriptions of the network configurations in the list, see Configuring VM Networks and Gateways in VMM.

Network virtualization: If your network configuration includes VM networks that use network virtualization, you must create IP address pools on both the logical network that provides the foundation for those VM networks, and on the VM networks themselves. If the virtual machines on the VM networks are configured to use DHCP, VMM will respond to the DHCP request with an address from an IP address pool.

VLAN-based configuration: If you are using a VLAN-based network configuration, you can use either DHCP, if it is available, or IP address pools. To use IP address pools, create them on the logical network. They will automatically become available on the VM network.

VM network that gives direct access to the logical network (“no isolation”): If you have a VM network that gives direct access to the underlying logical network, you can use either DHCP, if it is available, or IP address pools for that network. To use IP address pools, create them on the logical network. They will automatically become available on the VM network.

External networks that are implemented through a vendor network-management console: If you are using external networks that are implemented through a vendor network-management console (in other words, if you will use a virtual switch extension manager), your IP address pools will be imported from the vendor network-management database. Therefore, do not create IP address pools in VMM. (A vendor network-management console is also known as a management console for a forwarding extension.)

Note

As of System Center 2012 R2, after a virtual machine has been deployed in VMM, you can view the IP address or addresses assigned to that virtual machine. To do this, right-click the listing for the virtual machine, click Properties, click the Hardware Configuration tab, click the network adapter, and in the results pane, click the Connection details button.

Creating an IP address pool to support multicasting or broadcasting

With VMM in System Center 2012 SP1 or System Center 2012 R2, if you are using network virtualization on your VM networks, you can support an application that requires multicasting or broadcasting on the VM networks. To do this, you must create an IP address pool that supports multicasting, and you must follow several other configuration requirements. (For information about what it means to use network virtualization on a VM network, see Configuring VM Networks and Gateways in VMM.) The requirements for using multicasting or broadcasting on a VM network are as follows:

The logical network that you create must have network virtualization enabled.

You must configure an IP address pool on the logical network and select the multicast setting for the pool.

Note that in the Create Static IP Address Pool Wizard, the multicast setting is visible only if the pool is created on a logical network (not on a VM network) and if network virtualization is enabled on that logical network.

For the VM network in which you want to support multicasting, the IP protocol setting (either IPv4 or IPv6) must match the IP protocol setting for the underlying logical network. To configure this, in the Create VM Network Wizard, on the Isolation page of the wizard, select the same IP address protocol (IPv4 or IPv6) for both the logical network and the VM network.

Note that after you finish creating the VM network, you cannot view this protocol setting in the VMM management console. Instead, run the Windows PowerShell cmdlet Get-SCVMNetwork to view the setting. Use the following syntax, where <VMNetworkName> is the name of your VM network:

In the display, a protocol (IPv4 or IPv6) is listed for PAIPAddressPoolType and CAIPAddressPoolType. PAIPAddressPoolType (which begins with “PA”) refers to provider addressing, that is, IP addresses in the logical network. Similarly, CAIPAddressPoolType (which begins with “CA”) refers to customer addressing, that is, IP addresses in the VM network.

When these configuration steps are complete, multicast and broadcast packets on the VM network will use the IP addresses from the multicast IP address pool. Within each VM network, each subnet that you configure will consume one IP address from the multicast pool.

Assigning logical networks to hosts

To make a logical network available to a host, you must associate the logical network with a physical network adapter on the host, and make it available through an external virtual network (which is also known as an external virtual switch or vSwitch). You create this association for each network adapter.

To help ensure that you can create and deploy virtual machines on your existing network, VMM uses default settings to create the necessary logical networks (or other network objects) for a Hyper-V host that is being added to VMM management or for a virtual machine that VMM is connecting to. The following list provides details about these default settings:

For VMM in System Center 2012: By default, when you add a Hyper-V host to VMM management, if a physical network adapter on the host does not have an associated logical network, VMM automatically creates and associates a logical network that matches the first DNS suffix label of the connection-specific DNS suffix. For example, if the DNS suffix for the host network adapter is corp.contoso.com, VMM creates a logical network that is named “corp.” If a virtual network is not associated with the network adapter, when VMM connects a virtual machine to a logical network that is associated with the physical network adapter, VMM also creates an external virtual network and associates it with the logical network.

Note

No network sites are created automatically.

For VMM in System Center 2012 SP1 or System Center 2012 R2: By default, when you add a Hyper-V host to VMM management, if a physical network adapter on the host does not have an associated logical network, VMM automatically creates and associates a logical network that matches the first DNS suffix label of the connection-specific DNS suffix. On the logical network, VMM also creates a VM network that is configured with “no isolation.” For example, if the DNS suffix for the host network adapter is corp.contoso.com, if necessary VMM creates a logical network that is named “corp,” and on it, a VM network named “corp” that is configured with no isolation.

Note

No network sites are created automatically.

The default logical network name creation and virtual network creation settings are customizable. For more information, including which settings apply to VMware ESX hosts and Citrix XenServer hosts, see How to Configure Global Network Settings in VMM.

Tip

In VMM in System Center 2012 SP1 and System Center 2012 R2, port profiles and logical switches are new options that are available for network configurations. By using port profiles and logical switches, you can consistently configure identical capabilities for network adapters across multiple hosts. Rather than configuring each network adapter with specific properties or capabilities, you can specify the capabilities in port profiles and logical switches, which you can then apply to the appropriate network adapters. For more information, see Configuring Ports and Switches for VM Networks in VMM.

For information about how to configure host network settings, see the following topics:

VMM can automatically assign static MAC addresses to new virtual network devices on Windows-based virtual machines that are running on any managed Hyper-V, VMware ESX, or Citrix XenServer host. VMM has two default static MAC address pools: the default MAC address pool (for Hyper-V and Citrix XenServer), and the default VMware MAC address pool (for VMware ESX hosts). The default static MAC address pools are used only if you set the MAC address type for a virtual machine to “Static”. If the virtual machine setting is “Dynamic”, the hypervisor assigns the MAC address. You can either use the default MAC address pools or configure custom MAC address pools that are scoped to specific host groups.

With System Center 2012 R2, you can add an IP Address Management (IPAM) server that runs Windows Server® 2012 R2 to the resources in VMM. When VMM and IPAM are integrated in this way, the settings in VMM will be kept in synchrony with settings stored in the IPAM server. For more information, see How to Add an IPAM Server in VMM in System Center 2012 R2.

Configure port profiles and port classifications, and use them in logical switches, so that you can apply your port settings consistently to your network adapters and virtual network adapters. After you configure port settings, configure logical switches and, as necessary, switch extensions (for Quality of Service (QoS), monitoring, or security).

Configure VM networks (on top of logical networks), which make it possible for you to use network virtualization or other networking options. With VM networks that use network virtualization, you can also use gateways to increase connectivity.